﻿using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc.Filters;
using System;
using System.Collections.Generic;
using System.Text;
using System.Threading.Tasks;

namespace SharpSoft.Web
{
    public class PermissionRequirement : IAuthorizationRequirement
    {

    }
    public class PermissionAuthorizationHandler : AuthorizationHandler<PermissionRequirement>
    {
        public PermissionAuthorizationHandler()
        {   
           
        }


        protected async override Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement)
        {
            if (context.User.HasClaim(c => c.Type == "isrootuser" && bool.Parse(c.Value)))
            {//根账号跳过权限检查
                context.Succeed(requirement);
            }
            var ac = context.Resource as Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext;
            if (ac != null)
            {
                var ad = ac.ActionDescriptor;
                //TODO:检查用户权限
            }
        }
    }
}
